Vulnerabilities - CISA Adds Apple, Laravel, Craft CMS Flaws
In short: CISA has flagged flaws in Apple software, Laravel Livewire and Craft CMS as known to be exploited in the wild, which means they need patching now, not at the next maintenance window.
CISA has added critical vulnerabilities in Apple, Laravel Livewire, and Craft CMS to its catalog. These flaws pose serious risks to users. Immediate action is required to mitigate potential exploits.
The Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Among them are multiple flaws affecting Apple products, CVE-2025-54068 in Laravel Livewire, and CVE-2025-32432, a code injection vulnerability in Craft CMS. The flaws carry high CVSS scores, but the CVSS score only measures severity; inclusion in the KEV catalog means CISA has evidence that the flaw is actually being exploited.
The additions follow reports from several security organizations, including Google Threat Intelligence Group and Orange Cyberdefense. The flaws allow threat actors to execute code on affected systems, which can lead to data breaches or unauthorized access to sensitive information.
What's at Risk
The risks associated with these vulnerabilities are significant. For instance, CVE-2025-32432 has been exploited in the wild, allowing attackers to breach servers and steal data. The exploitation of these vulnerabilities can lead to severe consequences, including data loss and reputational damage for affected organizations.
CISA has emphasized the importance of addressing these vulnerabilities promptly. Federal civilian agencies are required under Binding Operational Directive 22-01 to remediate KEV entries by the listed due date, which for these flaws is April 3, 2026. The vulnerabilities are not limited to federal systems: any private organization running these platforms is exposed as well.
Patch Status
Patches are available for the identified vulnerabilities. Craft CMS addressed CVE-2025-32432 in versions 3.9.15, 4.14.15, and 5.6.17. The Yii framework, on which Craft CMS is built, released a patch for the related input validation flaw, so Craft sites should update both. Given that the Craft flaw has already been used to breach servers, patching should be paired with a check for signs of prior compromise: a patch closes the entry point but does not evict an attacker who is already inside.
The Apple vulnerabilities warrant particular attention because they have been linked to an iOS exploit kit known as DarkSword, which chains multiple Apple flaws together. An exploit kit lowers the skill needed to use the bugs and widens the population of attackers who can, so devices should be updated as soon as the fixes are available to them.
Immediate Actions
Organizations and users should act now to reduce the risk from these vulnerabilities. Recommended steps:
- Update software: confirm the installed version of each affected product against the fixed versions above and update every instance, including staging and test deployments that are often forgotten.
- Monitor systems: review web server and application logs around the affected components for unexpected requests, and look for unfamiliar files, accounts or scheduled tasks that would indicate exploitation before the patch was applied.
- Educate staff: make sure the people who run these platforms know which versions are affected and what exploitation would look like, so that findings are escalated quickly.
Taking these steps promptly significantly reduces exposure to the flaws now listed in the KEV catalog.
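The Patch Status section gives the fixed Craft CMS versions and the first action item says to confirm installed versions against them. As an added example (not code from Craft CMS, CISA or Security Affairs), the script below reads a Composer lock file and reports whether the locked `craftcms/cms` package is below the fixed release for its major branch, using the three versions named in the article. The lock-file fragment is constructed for the demonstration. The fixed-version table is a parameter so the same check can be pointed at another package once its fixed version is confirmed from the vendor advisory; no fixed version for Laravel Livewire is assumed here because the article does not give one.

```python
"""Check a Composer-managed Craft CMS install against the CVE-2025-32432 fixed
releases (3.9.15 / 4.14.15 / 5.6.17 per the article). Added example."""
import json
import re

# Fixed versions per major branch, as stated in the article. The fourth
# element flags a final release (1) versus a pre-release (0) so that
# "5.6.17-beta.1" sorts below "5.6.17".
CRAFT_FIXED = {3: (3, 9, 15, 1), 4: (4, 14, 15, 1), 5: (5, 6, 17, 1)}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(.*)$")


def parse_version(version):
    """Turn 'v4.14.15', '4.14.15.1' or '5.6.17-beta.1' into a comparable
    (major, minor, patch, is_release) tuple. Anything after the patch number
    that starts with '-' is treated as a pre-release of that version."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    major, minor, patch, suffix = m.groups()
    is_release = 0 if suffix.startswith("-") else 1
    return (int(major), int(minor), int(patch), is_release)


def is_vulnerable(version, fixed_by_major):
    """True if the version is below the fixed release on its major branch.
    A major branch with no fix entry is unsupported and treated as vulnerable."""
    v = parse_version(version)
    fixed = fixed_by_major.get(v[0])
    if fixed is None:
        return True
    return v < fixed


def check_composer_lock(lock_json, package="craftcms/cms",
                        fixed_by_major=CRAFT_FIXED):
    """Return (locked_version, vulnerable) for `package` in a composer.lock
    document, or (None, None) if the package is not present."""
    data = json.loads(lock_json)
    for section in ("packages", "packages-dev"):
        for pkg in data.get(section, []):
            if pkg.get("name") == package:
                ver = pkg["version"]
                return ver, is_vulnerable(ver, fixed_by_major)
    return None, None


# Constructed composer.lock fragment for the demonstration, not a real project.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "craftcms/cms", "version": "4.14.14"},
        {"name": "yiisoft/yii2", "version": "2.0.51"},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    ver, vuln = check_composer_lock(SAMPLE_LOCK)
    status = "VULNERABLE, update required" if vuln else "at or above fixed release"
    print(f"craftcms/cms {ver}: {status}")
```

Run it against a real project by reading `composer.lock` from disk and passing its contents to `check_composer_lock`. The check is deliberately per-branch: a 4.x site on 4.14.14 is flagged even though 5.6.17 exists, because the fix for the 4.x line is 4.14.15. Confirming the version in the lock file is not the same as confirming what is deployed; compare against the version the running site reports as well.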
Security Affairs